China is one of a quartet of nation states whose nation-state-affiliated threat actors Microsoft especially focuses on in its Digital Defense Report 2024. The others are Russia, North Korea, and Iran.
Cyber attacks have intensified over the last year. China’s “long-term focus on controlling Taiwan drove a high level of targeting of Taiwan-based enterprises from Chinese threat actors, who also penetrated the countries around the South China Sea to collect insights into military exercises and national policy.”
China-based cyber actors Raspberry Typhoon, Flax Typhoon, and Granite Typhoon have intensively targeted entities associated with IT, military, and government interests around the South China Sea….
Raspberry Typhoon has been extremely active, successfully infiltrating military and executive entities in Indonesia and Malaysian maritime systems in the lead-up to a rare naval exercise involving Indonesia, China, and the United States in June 2023….
Since July 2023, Granite Typhoon has compromised telecommunication networks in Indonesia, Malaysia, the Philippines, Cambodia, and Taiwan.”
The authors also outline the current state of “election-related influence operations,” ransomware, phishing (“phishing attacks increased by 58% in 2023”), and other forms of theft and fraud.
Microsoft declares that cyber threats are becoming more dangerous and complex as the world’s bad actors use “increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders.”
In the US alone this fiscal year, 389 healthcare institutions were successfully hit by ransomware, resulting in network closures, systems offline, critical medical operations delayed, and appointments rescheduled. Worse, the increased risk of cyberattacks is no longer limited to civilian cybercriminals. Nation-states are becoming more aggressive in the cyber domain, with ever-growing levels of technical sophistication that reflect increased investment in resources and training. These state-sponsored hackers are not just stealing data, but launching ransomware, prepositioning backdoors for future destruction, sabotaging operations, and conducting influence campaigns.
Better cybersecurity is important but won’t be enough. We need “government action to impose consequences that further discourage the most harmful cyberattacks” as well.
Also: decouple
Would it also help if Microsoft itself did not provide technical assistance to the Chinese government and did not help carry out its repressive agenda?
Lucas Nolan observes that Microsoft is issuing its new insights and warnings “While Maintaining Ties to China’s Research Institutes” (Breitbart, October 18, 2024).
Microsoft maintains a close working relationship with the Chinese Academy of Sciences (CAS), a prestigious research academy run by the Chinese government whose institutes have recently been sanctioned by the United States for alleged attempts to acquire U.S. technology to support Chinese military modernization, records show….
Chinese and Western databases show several scientific publications that were coauthored by Microsoft and CAS researchers (or students at the University of the Chinese Academy of Sciences) in the fields of artificial intelligence, machine learning, data mining, computer vision, and even cybersecurity.
Nolan suggests that all this years-long cooperation with China in fields that can be applied to attack and cyberattack the West contradicts the goal of helping us defend ourselves from cyber threats originating, not least, in China.
Moreover, Microsoft is among the Western tech firms that have cooperated with Chinese repression in various ways, e.g., by censoring search results in the China-based version of Bing and censoring the content of China-based LinkedIn accounts. In 2021, Microsoft gave up on LinkedIn in China (at least the full version that includes social-media features). But it still operates Bing there and still avidly censors results at the behest of the Chinese Communist Party.
In 2005, Microsoft complied with a request of the Chinese government to “shut down the site of Chinese blogger Zhao Jing…who had been addressing sensitive political issues on Microsoft’s blog service. A year later, Microsoft Chairman Bill Gates told a conference that his company must observe legal requirements in countries where it does business. But Gates added: ‘The ability to really withhold information no longer exists.’ ”
Also see:
StopTheChinazis.org: “How to Thwart China’s Cyberattacks”
“It doesn’t have to be this hard.”
